The Internet's Secret Back Door

Web users in the United Arab Emirates have more to worry about than having just their BlackBerries cracked.

The United Arab Emirates continues to wrestle with Research in Motion over government access to BlackBerry messages, threatening to ban the company's services if it doesn't severely weaken the anti-snooping protections on its smartphones. But years before the RIM battle boiled over, other Western companies handed the country a far greater power: the capability to infiltrate the secure system used by most banking, mail, and financing sites, making the most protected data on the Web available to the prying eyes of the emirates' government-connected telecommunications giant.

To understand how this happened, you need to understand the way much of the Web's private traffic stays private. Whenever you're sending sensitive information online—say, your credit card number to Amazon or a message over Gmail—the content is encrypted before being sent and then decrypted by the Web site you sent it to. (Sites using this secure mode have URLs that start with "https," and browsers add a padlock icon as well to demonstrate you're communicating securely.) Every vendor has its own rules for how to scramble information so that only it, the intended recipient, can decode it. If anyone intercepts the message along the way, it will appear to be a meaningless digital jumble.

Cryptographers are reasonably confident that the mathematics behind this method of encryption makes it unassailable by direct assault, even by the most well-funded intelligence agencies. But they have also long been aware of a potential weakness in its design: There's no way for your computer to know if the recipient is who they say they are. Because of this, cyber-criminals (or curious governments) can trick you by staging a "man in the middle attack," where the snoop acts as an uninvited mediator between you and the intended recipient. Your computer thinks it's contacting your bank when in fact it's contacting the snoop, using his own rules for encrypting information. He decodes it, copies your sensitive data, then re-encodes it according to the bank's rules and sends it along. He does the same thing for traffic coming from the bank to you. Both your bank and you would believe you were talking directly to each other with no one else listening.

To overcome this deficiency, the Web's security relies on the idea of "certificate authorities": organizations that independently verify the identity of the Web site you're communicating with and provide a digital confirmation that it's authentic. A certificate authority's digital endorsement decides whether your browser believes a site when it claims to be GMail, Microsoft, or even the New York Times, which has a secure version. Middle men can't fake this authentication without getting a similar endorsement. These certificate authorities are supposed to conduct due diligence in ensuring that only the real Web site gets their stamps of approval.

Who are these certificate authorities? At the beginning of Web history, there were only a handful of companies, like Verisign, Equifax, and Thawte, that made near-monopoly profits from being the only providers trusted by Internet Explorer or Netscape Navigator. But over time, browsers have trusted more and more organizations to verify Web sites. Safari and Firefox now trust more than 60 separate certificate authorities by default. Microsoft's software trusts more than 100 private and government institutions.

Disturbingly, some of these trusted certificate authorities have decided to delegate their powers to yet more organizations, which aren't tracked or audited by browser companies. By scouring the Net for certificates, security researchers have uncovered more than 600 groups who, through such delegation, are now also automatically trusted by most browsers, including the Department of Homeland Security, Google, and Ford Motors—and a UAE mobile phone company called Etisalat.

In 2005, a company called CyberTrust—which has since been purchased by Verizon— gave Etisalat, the government-connected mobile company in the UAE, the right to verify that a site is valid. Here's why this is trouble: Since browsers now automatically trust Etisalat to confirm a site's identity, the company has the potential ability to fake a secure connection to any site Etisalat subscribers might visit using a man-in-the-middle scheme.

Etisalat doesn't exactly have a clean record when it comes to privacy. Tech watchdogs have already caught it deliberately attempting to invade the privacy of its own users. In July 2009, Etisalat abruptly announced a software update on all its BlackBerry customers. Described as a "network upgrade," the application in fact copied all messages written on the device to two private Etisalat e-mail addresses. Research in Motion distanced itself from this clumsy attempt at government spyware, clarifying that it was "not a RIM-authorized software upgrade" and providing a counter-app to remove the program.

To date, no one has observed Etisalat fake a Web site to spy on an individual's encrypted traffic. But because of the proliferation and delegation of certificate authorities, Etisalat and hundreds of other groups have that capability. The good news about misusing the power of certificate authorities is that, like the BlackBerry upgrade, such attacks can quickly be uncovered and publicized, given enough vigilance and the righttools.

A better solution is to clean up the certificate authority lists and revoke the rights of organizations who could abuse it. The Electronic Frontier Foundation, where I used to work, recently published an open letter to Verizon asking them to consider publicly revoking the certificate authority that the company granted Etisalat. But that still leaves the hundreds of other certificate authorities that could turn rogue and start spying on the Web's secure systems.

Ironically, RIM's enterprise BlackBerry encryption is one of the few secure Internet communication channels that doesn't depend on certificate authorities, which could be one of the reasons the UAE is so obsessed with cracking it. RIM's defense against the UAE's demands is that corporations and individuals expect the same level of privacy in their BlackBerry communications as they get from any other Internet service. "Everything on the Internet is encrypted," CEO Michael Lazaridis told the Wall Street Journal, slightly inaccurately. "This is not a BlackBerry-only issue. If they can't deal with the Internet, they should shut it off." What's worrying is that the UAE may indeed have already "dealt with" the rest of the Internet—just not in the way that most of us would like.